Razer Synapse is software that allows you to customize the buttons and RGB LEDs on Razer peripherals. It is widely used by players all over the planet, and is the subject of a vulnerability that can be easily exploited. Discovered by @j0nh4t who detailed the manipulation on Twitter, it allows access to admin privileges under Windows by simply connecting a keyboard or mouse.
Do you need a local admin and have physical access?
Connect a Razer mouse (or dongle)
– Windows Update will download and run RazerInstaller as system
– Abuse Elevated Explorer to open Powershell with Shift + Right Click
– Jonhat (@j0nh4t) August 21, 2021
In fact, when you connect a Razer device to a computer, Windows offers to install Razer Synapse and run the executable with system privileges. It is then possible to change the program’s installation folder and open PowerShell with a few clicks, which also opens with administrator privileges. So it is possible to execute any command from the computer…
You don’t have to worry too much, however, nothing can be done remotely and you have to be physically present in front of the computer to exploit this bug. Razer said it is fixing the bug anyway and will provide an update soon. @j0nh4t was contacted by the manufacturer and was rewarded for reporting the issue.
So remember to install the following updates from Razer Synapse if you are using the software.